2 matches found
CVE-2022-50299 md: Replace snprintf with scnprintf
In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf Current code produces a warning as shown below when total characters in the constituent block device names plus the slashes exceeds 200. snprintf returns the number of characters generated from...
CVE-2022-50299
CVE-2022-50299 is a Linux kernel issue in the md (multiple device) module where snprintf() could wrap around when the total length of the block device names with slashes exceeds 200, leading to incorrect buffer sizing. The vulnerability arises from using snprintf; the fix is to replace snprintf w...